A user that communicates directly with an application on a third party server typically provides a user name and password through a user interface to gain access. When seeking communication with the application through a client running on a client machine, the user may not want to save a user name and/or password within the client to access the provider because of security concerns with the client, limitations on the functionality of the client, and the like.
The provider typically provides notifications to the user regarding potential problems, special offers, and the like. However, users that receive the notifications may have difficulty in determining whether the notification was actually provided by the provider or by an unauthorized third party that was pretending to be the provider. Users that respond to the unauthorized third party notification may mistakenly provide the unauthorized third party with a user name and password that may allow the unauthorized third party to access the user account, account information, payment information, and the like.